US10892047B2 - Crypto-based ACL for patient treatment and follow-up care - Google Patents
- Publication number: US10892047B2 (application US15/791,499, US201715791499A)
- Authority: US (United States)
- Prior art keywords: patient, radio emitting, user, computing device, user computing
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.): Active, expires
Classifications
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- G16H10/60—ICT specially adapted for the handling or processing of patient-related medical or healthcare data for patient-specific data, e.g. for electronic patient records
- G16H40/20—ICT specially adapted for the management or administration of healthcare resources or facilities; ICT specially adapted for the management or operation of medical equipment or devices for the management or administration of healthcare resources or facilities, e.g. managing hospital staff or surgery rooms
- G16H40/67—ICT specially adapted for the management or administration of healthcare resources or facilities; ICT specially adapted for the management or operation of medical equipment or devices for the operation of medical equipment or devices for remote operation
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/101—Access control lists [ACL]
- H04L67/22—
- H04L67/535—Tracking the activity of the user
- H04W12/08—Access security
- H04W4/021—Services related to particular areas, e.g. point of interest [POI] services, venue services or geofences
- H04L2209/80—Wireless (H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00)
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04W12/02—Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
- H04W12/04—Key management, e.g. using generic bootstrapping architecture [GBA]
Definitions
- the present disclosure relates to cipher-based access control systems and methods.
- the Family Support Unit also needs help to identify service delivery gaps in order to improve the quality of care provided to clients, and to reduce loss to follow-up among children and adolescents living with HIV.
- data-at-rest such as medical records and user profiles
- Data-at-rest should stay encrypted at all times and be portable, to facilitate distribution across heterogeneous storage and protection mechanisms.
- Data-at-rest should be protected with baked-in security independent of its environment, eliminating any system keys and/or lookup tables that could be misused as backdoors. If an employee needs access to the end-user's data in order to provide support, an explicit grant by the end-user themselves is required.
- a radio based system capable of saving battery power for deployed, autonomous radio emitting devices disseminated within a space to form a meshed network.
- the meshed network of the fixed radio emitting devices creates a geo-fence within the space, wherein the fixed radio emitting devices are capable of wirelessly communicating with neighboring fixed radio emitting devices.
- the application can have the ability to interface with the meshed network which automatically senses when the device breaks the geo-fence it created in a particular location (indoor or outdoor) or space.
- the patient using the specific application (or a feature of the application) is able to be “checked” in automatically without human intervention.
- the methods and systems of the present disclosure can monitor when a customer left a room and provide notice to a cleaning service to be dispatched to make the room ready for the next guest.
- a hospital or any office space, doctor's practices, etc.
- the meshed network needs to communicate with this scheduling system in order to provide the service.
- the scheduling system allows the personnel to make appointments for patients.
- a patient using a dedicated application is able to be “checked” in automatically without human intervention.
- the patient/user must be signed into the application with a unique ID/password combination.
- the identity of the user is locally encrypted by the application and also stored (encrypted) on the cloud.
- if the Scheduling system is integrated with the hospital's/doctor's office EMR (Electronic Medical Records), then the Scheduling system can send the patient's EMR information for verification on the patient's smart device.
- EMR: Electronic Medical Records
- the iForm system sends a notification message to the healthcare Administrator system informing it that User X arrived on the premises or within the space.
- the healthcare Administrator system can check the identity of User X and match the records stored in its own database. If the records match, the healthcare Administrator system checks in User X for his/her appointment. If the Administrator system contains the EMR records of User X and User X is allowed to preview their personal information via the application running on the mobile device, then User X can check that all personal information is correct and commit any changes made via the application running on the mobile device.
- a central computer can perform functions related to applications which need to be performed.
- the central computer can be completely independent of the healthcare administrator systems or able to communicate with it via a jointly defined interface or an API.
- the central computer can also be connected with mobile applications distributed on different server devices.
- the applications running on iOS® or Android® or Windows® devices can be downloadable and can contain specific applications along with performing specific functions directed by the central computer.
- the radio based system incorporates communication from the fixed radio emitting smart devices and to smart mobile applications downloaded onto smart devices, e.g., smartphones, tablets, computers, etc.
- the identity of the user is locally encrypted by the application and also stored encrypted on the iForm Cloud.
- Upon entering the area defined by the meshed network, the user breaks the geo-fence established by the meshed network. As soon as the geo-fence is broken by the smart device, the iForm system sends a notification message to the administrator system informing it that User X arrived on the premises or within the space.
- Device 1 (112A) is sensed by the user's smart device and a message is generated, via servers, to the iForm Cloud with the contextual information (user ID, Device 1 (112A) identifier and time stamp).
- the iForm Cloud matches the ID against the user profile it stores in its database and sends event-based contextual information to the Scheduling system, which can inform the personnel of the location of the patient.
- a nested-key design provides inherent cipher-based protection to both its data component and its decryption key component when at rest, independent of and in addition to any access control mechanisms of the environment.
- FIG. 1 illustrates a system having fixed smart devices located within the meshed network that can automatically track people and assets as they move from one position to another within the meshed network or space, according to an embodiment of the present disclosure.
- FIG. 2 illustrates a KeyWrap Record diagram
- FIG. 2B illustrates a KeyWrap RecordSet diagram
- FIG. 3 illustrates the four underlying principles of cipher-based data security.
- FIG. 4A illustrates a system that can be connected to a healthcare Administrator system in charge of appointment scheduling for patients within the healthcare industry, according to an embodiment of the present disclosure.
- FIG. 4B is a flow diagram illustrating the steps for connecting the system to a healthcare Administrator system in charge of appointment scheduling for patients within the healthcare industry, according to an embodiment of the present disclosure.
- FIG. 5 illustrates smart devices and aggregators of the system structure that can communicate within the meshed network and with the central computer, according to an embodiment of the present disclosure.
- FIG. 6A illustrates an embodiment of a radio based system capable of saving power for deployed, autonomous radio emitting devices disseminated within a space to form a geo-fence or meshed network, according to an embodiment of the present disclosure.
- FIG. 6B illustrates an embodiment of the radio based system, after physically placing the smart devices and aggregators within the space to form the meshed network, where power is later provided to the smart devices and aggregators so the geo-fence or meshed network can be set up, according to an embodiment of the present disclosure.
- the iForm platform offers a secure connectivity platform and messaging foundation for connected IoT devices, providing provisioning, configuration, monitoring, administration, firmware and software updates, and connected product fleet management and dashboards. The data needs to be structured and made actionable. It handles low latency, literally millions of messages at sub-second speed, at scale across millions of devices. The iForm platform provides device and end-user identity management capabilities to secure devices and, most importantly, connected product data both in transfer and within other applications. End-to-end security protects both device and end-user data on the device, in transit, and in the cloud, managing access, provisioning and decommissioning of a product.
- Remote device support allows devices to autonomously communicate issues, while providing critical context that can be used for automated or manual troubleshooting of issues on devices regardless of location.
- iForm platform offers basic capabilities, such as standard APIs, and out-of-the-box connectors with these systems, which are keys to integrate connected product data with other primary enterprise systems.
- a critical element of an IoT solution is a centralized system of record to manage users and groups of connected products. In itself, organizing users for access and authentication is complex and can become an unmanageable process.
- Identity management is a critical element of any connected product system.
- the iForm platform offers pre-configured permissions and organization hierarchies included with the platform to securely manage important elements such as users and devices, onboarding flows and data visibility, and provides a unique set of credentials for every device to protect against vulnerabilities or unauthorized attempts to tamper with device information.
- iForm platform offers a unified system of record and set authorizations at the user or device level for seamlessly managing administrators and other users, configuring simple single-user or device scenarios, instances of multiple users or devices, or even complex hierarchies.
- FIG. 1 shows a system having fixed smart devices 102 located within a meshed network that can automatically track people and assets as they move from one position to another within the meshed network or space.
- the fixed smart devices 112 can be equipped with a dual stack and/or be an aggregator 104, which are used to provide the function of automatically tracking people and assets as they move from one position to another within the meshed network or space.
- the moving objects can be attached to smart devices 112 without the dual stack. It is noted that moving objects can be detected by either dual stack smart devices and/or aggregators.
- regular smart devices can be attached to any moving objects to be tracked within the area defined by a meshed network, i.e. a group of smart devices within the meshed network or space, for instance medical devices moving from one operating room to another, handicap scooters, computers on rollways, etc.
- radio frequency signal triangulation is used based on the calibration data provided to a central computer that is in communication with a cloud-based network. If the radio frequency signal of the smart device can only be “heard” by two fixed aggregators, then the determination is made based on the relative signal strength heard by the two aggregators.
- the central computer can also send event push notifications to smart mobile devices registered to receive events for specific smart device IDs.
- FIG. 2 illustrates a KeyWrap Record 201 and the four principles of cipher-based data security underlying its architecture.
- a Data component 202 is coupled with its Decryption Key component 203 to form a composite data structure 201, representing the most atomic data representation unit in the architecture. Both components stay encrypted at rest.
- a Decryption Key component 203 is protected by a separate RecordSet Key 217.
- a Data component 202 is protected against improper access: obtaining a KeyWrap Record 201 is of no use without having also obtained access to its corresponding RecordSet Key 217.
- a KeyWrap Record 201 is highly portable, allowing straightforward distribution across heterogeneous storage and protection mechanisms.
- a nested-key design provides inherent cipher-based protection to both its data component 202 and its decryption key component 203 when at rest, and it offers that protection in a way that is independent of and in addition to any access control mechanisms that happen to be offered by the destination storage system, thereby eliminating the risk of depending on weak access control protection external to the KeyWrap Record 201.
- System keys and/or lookup tables are eliminated by design, thereby strengthening protection against weak usernames and passwords, and maintaining trust and integrity if and when records are distributed across access control systems disparate in quality and character.
- the RecordSet 211 is a logical group of records.
- the RecordSet 211 usually represents all records 201 within a Table (in an RDBMS) or Collection (in document or key-value stores) but can also be defined to represent a much smaller or larger set of records.
- the RecordSet 211 maintains a list of trusted entities.
- the Trusted Entity List is used for sharing and access control.
- the Trusted Entity List may contain one or more Entity References 219.
- the Entity Reference 219 refers to an Entity record that has access to the particular RecordSet 211. When an entity is assigned to a RecordSet 211, its Entity Reference 219 is added to the Trusted Entity List.
- the Entity Reference 219 contains three sections: Entity Name 213, Access Level, and RecordSetKeyCipher.
- the Entity Name 213 is the name of the entity that has access to the RecordSet 211.
- the Access Level indicates the operations the entity can perform on the RecordSet 211.
- the Access Level can have the value of either READONLY or READWRITE.
- the RecordSetKeyCipher is essentially the encrypted RecordSet key 217.
- the RecordSet key 217 is a randomly generated key that was created when the RecordSet 211 was created.
- the RecordSet key 217 is encrypted with the Entity key to form the RecordSetKeyCipher.
- the Record 201 serves as a basic container whose data portion 204 is protected via the key wrapping mechanism of the invention.
- the Record 201 data structure is divided into two sections: Record Data 202 and Record MetaData 203.
- the Record key 209 is generated at record 201 creation time and stays with the record 201 for the lifetime of the record 201.
- the purpose of having individual Record keys 209 is that records 201 do not need to be decrypted when sharing records or during regrouping.
- the Record MetaData 203 section may contain one or more RecordSet References 205.
- the RecordSet Reference 205 refers to a logical group of Records 201, known as a RecordSet 211 in this invention.
- the implication is that each Record 201 can belong to multiple logical groups. Data sharing and data access control are controlled via the RecordSet Reference 205.
- the Record 201 can be shared with multiple users/entities. An Entity only has access to records based on the RecordSets 211 that the entity belongs to.
- Each RecordSet Reference 205 contains the RecordSetId 206 and the RecordKeyCipher 207.
- the RecordSetId 206 identifies the RecordSet 211 that the Record 201 belongs to.
- the Record key 208 is encrypted with the RecordSet key 217 to form the RecordKeyCipher 209.
- the RecordKeyCipher 209 is stored in the Record MetaData 203 section and is used with the RecordSet key 217 to obtain the Record key 208 to unlock the encrypted data 202.
- Dataflow Automation is an entirely separate service that will store Flattened/Transformed data into RecordSet 211 .
- the Excel Service became one of the Post Actions for Dataflow Automation, inserting data into an Excel file one record at a time via an Excel library.
- the Excel Service inserts all records into the Excel file at once. Data are not passed through the Excel Service API; instead, the Dataflow Id and RecordSet Id are passed.
- iForm platform offers time-series data storage as a baseline of the standard platform.
- the iForm database is an object database.
- the objects can be represented as JSON objects.
- a Multi-record Subform needs to be in its own tab (in Excel).
- a subform structure having one or more page records can be shown in the same tab or in separate tabs; the options for handling the subform structure are shown in a field on an admin UI.
- a multi-record subform will be implemented as a sub-JSON-object for storage in one or more RecordSets.
- Each object has a unique identifier in the form of a GUID.
- a schema is defined by templates and custom fields. If the schema needs to be extended with custom entities, an external database can be used.
- the database can be relational or non-relational, depending on application requirements.
- a custom schema that aligns with other business systems can be defined to collect data from devices with that schema in an external relational database, and deposit data collected from devices into these tables.
- iForm database and external databases can be linked with foreign keys. For example, a one-to-many relationship between an iForm entity and an external entity can be represented by using a foreign key in the external database, where the foreign key is the iForm entity ID (the UUID).
- FIG. 2B illustrates a KeyWrap RecordSet 211 .
- An entity name 213 included in a RecordSet 211 is encrypted by using a RecordSet key 217 included in the same RecordSet 211 pertaining to a patient.
- IoT connected devices continuously, and very rapidly, generate a large volume of data. To process this streaming data it must be ingested sequentially and with a low latency.
- iForm platform offers a number of tools to accomplish comprehensive data management.
- a distributed queue is used to poll for work items. It's robust and allows a system to control resource usage by determining when to poll, lowering the risk of a system being easily overwhelmed by fast incoming data feeds.
- High performance message infrastructure is used for meeting an exponential growth in data.
- the request is added to a RabbitMQ broker to ensure the order of subtasks. When the consumer consumes a message from the RabbitMQ broker, it creates a child process.
- a child process will be used to retrieve data from Dataflow Automation API and write them into an excel file.
- the broker is designed for scalability to very large numbers of devices and message rates, while providing extremely low latencies.
- a polling process in a typical high scalability architecture has a need of some kind of access token for data exchange among processing services.
- iForm SDKs provide structure and methods for interacting with the iForm platform, including messaging and platform API calls.
- a separate filtering service is devised to process channels.
- For optimal use of network resources in high-load and high-availability environments, filtering services should be applied as close to the publisher as possible, to keep the number of notifications that nobody wants to a minimum. Likewise, processing services should be applied as close to the consumer as possible, so that the original update may be transported through the network as a single notification for as long as possible.
- Real-time stream processing tools and rules engine can be used to perform root cause analysis, create visualizations and post massive queries.
- a user using a mobile device can be running a specific mobile application.
- This specific mobile application can have the ability to interface with the meshed network which automatically senses when the device breaks the geo-fence it created in a particular location (indoor or outdoor) or space.
- the device sends a patient's unique ID to the central computer 140, e.g., the iForm Cloud, for automatic check-in.
- the iForm Cloud then relays the patient's unique ID to a scheduling system for automatic check-in at the particular location.
- Different RecordSet keys 217 are used to encrypt data records pertaining to a patient across multiple RecordSets 211 or data combinations.
- the same secret patient key (aka Entity Key) is used to encrypt each individual Entity Name 219 contained in each corresponding RecordSet 211 represented in the aggregated database.
- the secret patient key, as well as all tracking information, are kept separately and subject to technical and organizational measures to ensure non-attribution to an identified or identifiable patient.
- FIG. 4A illustrates a system connected to a healthcare scheduling system in charge of appointment scheduling for patients within the healthcare industry.
- a hospital or any office space, doctor's practices, etc.
- the meshed network needs to communicate with this scheduling system in order to provide the service.
- the scheduling system allows the personnel to make appointments for patients.
- a patient using a dedicated application or a feature of the application
- the patient/user must be signed into the application with a unique ID/password combination.
- the identity of the user is locally encrypted by the application and also stored (encrypted) on the iForm Cloud 101 .
- Upon entering the area defined by the meshed network, the user breaks the geo-fence established by the meshed network.
- Device 1 (112A) is sensed by the user's smart device and a message is generated, via servers, to the iForm Cloud 101 with the contextual information (user ID, Device 1 (112A) identifier and time stamp).
- the iForm Cloud matches the ID against the user profile it stores in its database and sends event-based contextual information to the Scheduling system, which can inform the personnel of the location of the patient/user. This process can be repeated multiple times, every time an aggregator/Dual Stack smart device detects the patient/user on the way to the final destination.
- Upon reaching the final destination, defined in the application running on the smart device by the location of the last aggregator reached (e.g. Urology, X-Ray, etc.), the meshed network sends the Scheduling system a new message indicating that the patient/user has reached the destination. At that point, the Scheduling system can set the status of the patient/user as “checked in”. If the Scheduling system is integrated with the hospital's/doctor's office EMR (Electronic Medical Records), then the Scheduling system can send the patient's EMR information for verification on the patient's smart device. If the records are unchanged, the patient simply “confirms” that the information is correct using the application. If the information is obsolete, the patient can modify and input updates (such as a new address, new insurance information, etc.) using the application on their smart device and “commit” the changes, which will be saved in the EMR.
- EMR: Electronic Medical Records
- The user may have already downloaded the appropriate healthcare application onto their smart device; the application uniquely identifies each patient, for example by a user ID and password.
- The iForm system sends a notification message to the healthcare Administrator system informing it that User X arrived on the premises or within the space.
- The healthcare Administrator system can check the identity of User X and match it against the records stored in its own database. If the records match, the healthcare Administrator system checks in User X for his/her appointment.
- If the Administrator system contains the EMR records of User X, and if User X is allowed to preview his/her personal information via the application running on the mobile device, then User X can check that all personal information is correct and commit any changes made via the application running on the mobile device.
- FIG. 4B is a flow diagram illustrating the steps for connecting the system to a healthcare Administrator system in charge of appointment scheduling for patients within the healthcare industry.
- FIG. 5 illustrates smart devices 112 and aggregators 104 of the system structure 500 that can communicate within a meshed network 110 and with the central computer 140 .
- Patients have previously downloaded a hospital specific mobile application running on their smart device.
- Some aspects of the smart devices 112 and aggregators 104 include the ability to “know” when a smart mobile application is active and to “know” the relative location of the interacting device or smart device within a geo-fence or meshed network in the space.
- The iForm system sends a notification message to the healthcare administrator system informing it that User X arrived on the premises or within the space.
- A user must be signed into the application with a unique ID/password combination.
- The identity of the user is locally encrypted by the application and also stored (encrypted) on the iForm Cloud.
- Upon entering the area defined by the meshed network, the user breaks the geo-fence established by the meshed network.
- Device 1 (112 A) is sensed by the user's smart device, and a message is generated, via servers, to the iForm Cloud with the contextual information (user ID, Device 1 (112 A) identifier and time stamp).
- The iForm Cloud matches the ID against the user profile it stores in its database and sends event-based contextual information to the healthcare administrator system, which can inform the personnel of the location of the patient.
- The iForm Cloud can be completely independent of the healthcare administrator system, or able to communicate with it via a jointly defined interface or an API.
- The patient can decide to identify themselves by providing login information via the application, or decide to remain anonymous. If the login is provided, the hospital can push personalized, location-based messages to the patient.
- The healthcare administrator system can check the identity of User X and match it against the records stored in its own database. If the records match, the healthcare administrator system checks in User X for his/her visit. If the administrator system contains the personal records of User X, and if User X is allowed to preview his/her personal information via the application running on the mobile device, then User X can check that all personal information is correct and commit any changes made via the application running on the mobile device.
- There are different types of aggregators 104 that may be incorporated in the methods and systems of the present disclosure.
- These include stationary aggregators, mobile aggregators, or aggregators that can communicate with hardware through software.
- Aggregators 104 can have one or more of the following functions in communicating with smart devices 112 within the meshed network 110 and the central computer 140 .
- Aggregators 104 may: (a) read and store the radio power level of each of the smart devices 112 they connect to; (b) dynamically instruct the smart devices 112 on their transmit power; (c) dynamically instruct the smart devices 112 on the frequency of their signal; and (d) push new firmware version(s) to the smart devices 112 .
- Two architectures are possible: (1) first, the aggregators can be “dumb” and only relay data and commands back and forth between the smart devices and the central computer; this is the centralized architecture, which can require more signaling between all entities, so more battery power is used; (2) second, intelligence can be pushed into the aggregators so that they take some decisions locally, without the overhead messaging required with the central computer (this is the distributed architecture).
- FIG. 6A illustrates an embodiment of a radio based system 600 capable of saving battery power for deployed, autonomous radio emitting devices (meshed network 110 including smart devices 112 , aggregators 104 and at least one Device 1 112 A) disseminated within a space 615 to form a geo-fence.
- The meshed network includes fixed smart devices 112 and aggregators 104 positioned strategically in the space 615 , wherein the smart devices 112 and aggregators 104 wirelessly communicate with neighboring fixed smart devices 112 and aggregators 104 to form a meshed network 110 .
- The fixed smart devices 112 communicate with aggregators 104 to connect to a central computer 140 that is in communication with a cloud-based network 150 via the internet.
- The radio based system 600 passes communication data gathered from the fixed smart devices 112 via the aggregators 104 through the central computer 140 and the cloud-based network 150 to smart mobile applications 630 downloaded onto smart devices 112 A.
- Each smart device 112 and aggregator 104 starts emitting its beacon signal with the maximum transmitting power (i.e., the active state).
- Each neighbor beacon listens to all of the beacon signals coming from all of the deployed smart devices 112 and aggregators 104 and sends the values it recorded to the gateway, i.e., Device 1 112 A.
- The system 600 then begins building a map of the geo-fence or meshed network 110 .
- The aggregators 104 “know” the location of each smart device 112 , i.e., each smart device 112 has an ID which it uses in its broadcast.
- The central computer 140 can then begin to: (1) build a map with a neighbor list for each one of the smart devices 112 and their respective signal-strength values; for instance, the central computer 140 can decide to keep, e.g., four (4) neighbors for each smart device 112 with an associated signal strength; and (2) use a learning algorithm to compute the mean and standard deviation at the 95% confidence level for each neighbor smart device 112 in the list. For example, depending on the mean and standard deviation values, the central computer 140 will assign a relative threshold level to each neighbor, in a one-to-one relationship, in order to increase the maximum likelihood that the location of a smart device 112 can be computed with a high degree of certainty.
- Device 1 112 A will sense that a smart device 112 A broke the geo-fence it created earlier (i.e., the smart device 112 A has come into proximity of the meshed network).
- The mobile application 630 running on the smart device 112 A receives the Device 1 112 A signal and sends a message over the cellular network to the servers communicating with the central computer 140 , e.g., the iForm Cloud, informing the central computer 140 that it is running a certain mobile application.
- The servers forward the message to the central computer 140 , e.g., the iForm Cloud, with the context received from the application 630 running on the Smart Mobile Device 112 A.
- The central computer 140 sends a wakeup message to the smart device 112 or aggregator 104 to which Device 1 112 A is registered as belonging.
- The smart device 112 or aggregator 104 sends a wakeup message to all neighboring smart devices 112 in proximity to Device 1 112 A to place them in a wake-up state.
- Afterwards, the aggregator or neighbor smart devices send a SLEEP message to all n smart devices to resume sleep mode.
- A smart device can include a wireless transceiver and a processor, and it can include its own power supply.
- Smart devices generally have a Tx/Rx radio front end and the ability to “listen” to their neighbors' beacons in order to adjust their power based on surrounding radio activity.
- A group of smart devices within a space forms a meshed network. It is noted that smart devices can also adjust their Tx power and transmission interval when instructed through the aggregators by the cloud computer.
- Some types of features of smart devices may include: (1) Bluetooth tags having HW/SW elements which are fixed or mobile; (2) dual-stack tags having a dual Bluetooth stack able to simultaneously receive on one stack and transmit on the other; (3) smart devices communicating with aggregators incorporating multiple functions; (4) smart devices communicating by themselves or through other devices with a central computer; and (5) smart devices communicating through other devices (i.e., aggregators, central computer, cloud network) with an application running on mobile devices.
- Aggregators can generally communicate with smart devices, smart device applications and network clouds, and provide their own data/information that may be needed for operation via the specific application. Further, the aggregators 104 can provide information to users and/or get information from users through a graphical user interface or the like.
- A smart device application can generally act as a control, location estimation and processing unit for the system.
- The application may be able to use existing hardware and software of a smart device.
- The central computer may be located anywhere as long as it is connected to the Internet. Further, the central computer can perform functions related to applications which need to be performed, and can also be connected with mobile applications distributed on different server devices.
- A cloud-based network system or network cloud can generally be defined as a system able to provide data storage, processing and analytics, along with other functions. For example, the system can provide notice alarms, backup data protocols for system data, synchronization and sharing of data between devices and networks, crowd mapping of identified devices, and interfacing with the system via cloud-based applications.
- A meshed network can generally be considered a type of network topology in which a device, tag or node can transmit its own data as well as serve as a relay for other tags or nodes located near it.
- The tags or nodes can be wireless, using routers to provide an efficient data transfer path for effective communication. It is noted that the nodes (or aggregators in the meshed network) can also be linked to the internet and the cloud computer via a wireless or Ethernet network.
- A radio emitting device comprises a processor; a transceiver for communicating with other radio emitting devices and for communicating with an aggregator in communication with a central server computer over a network; and a storage medium for tangibly storing thereon program logic for execution by the processor, the program logic comprising radio emitting device communicating logic executed by the processor for communicating with a plurality of radio emitting devices to create a geo-fence within a space and for facilitating determination of a location of a smart device by the radio emitting device and a subset of the plurality of radio emitting devices, the smart device executing a user application for the space, the facilitating determination of the location occurring when the smart device is moved past the geo-fence and into the space, the determined location relative to the radio emitting device, the radio emitting device transitioning from a sleep state to an active state when the smart device moves within a predetermined distance from the subset of the radio emitting devices.
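As an added example (not code from the patent), the map-building and wake-up steps described above in Python: per-neighbor mean and standard deviation from calibration RSSI readings, the k=4 strongest neighbors kept per fixed device, a threshold derived from the 95% confidence level (assumed here to be the mean minus 1.96 standard deviations, since the description does not say how the level becomes a threshold), a maximum-likelihood guess of which fixed device a mobile smart device is nearest once it has crossed the geo-fence, and the resulting wake-up list. Device names and all RSSI values are constructed.

```python
import math
from statistics import mean, pstdev

Z_95 = 1.96            # 95% two-sided confidence factor (assumed mapping to a threshold)
K_NEIGHBORS = 4        # neighbours kept per fixed device, as in the description
NOISE_FLOOR = -100.0   # dBm substituted for a beacon the mobile device did not hear


def build_neighbor_map(samples, k=K_NEIGHBORS):
    """samples[dev][nbr] = RSSI readings (dBm) recorded while every fixed
    device beaconed at maximum power. Returns, per device, the k strongest
    neighbours as nbr -> (mean, sigma, threshold)."""
    nmap = {}
    for dev, nbrs in samples.items():
        stats = {}
        for nbr, vals in nbrs.items():
            mu = mean(vals)
            sigma = max(pstdev(vals), 1.0)  # floor so a constant reading is not zero-variance
            stats[nbr] = (mu, sigma, mu - Z_95 * sigma)
        strongest = sorted(stats.items(), key=lambda kv: kv[1][0], reverse=True)[:k]
        nmap[dev] = dict(strongest)
    return nmap


def log_likelihood(profile, observed):
    """Gaussian log-likelihood that the readings in observed ({beacon: dBm})
    were taken at the position of the fixed device with this neighbour profile.
    A reading under the neighbour's threshold is treated as 'not heard'."""
    total = 0.0
    for nbr, (mu, sigma, threshold) in profile.items():
        rssi = observed.get(nbr, NOISE_FLOOR)
        if rssi < threshold:
            rssi = NOISE_FLOOR
        total += -0.5 * ((rssi - mu) / sigma) ** 2 - math.log(sigma)
    return total


def locate(nmap, observed):
    """Fixed device whose neighbourhood best explains the mobile device's readings."""
    return max(nmap, key=lambda dev: log_likelihood(nmap[dev], observed))


def wake_list(nmap, observed):
    """Devices the central computer wakes: the located device plus its stored
    neighbours (the 'subset' the mobile device has come close to)."""
    dev = locate(nmap, observed)
    return sorted({dev, *nmap[dev]})


# Constructed calibration readings: three fixed smart devices and one aggregator
# in a corridor; sd1 also hears two weak devices, of which only one survives k=4.
SAMPLES = {
    "sd1": {"sd2": [-60, -62, -61, -59], "sd3": [-75, -78, -76, -77],
            "agg": [-55, -57, -56, -54], "sd4": [-90, -92, -91, -89],
            "sd5": [-95, -97, -96, -94]},
    "sd2": {"sd1": [-61, -60, -62, -63], "sd3": [-60, -59, -61, -62],
            "agg": [-70, -72, -71, -69]},
    "sd3": {"sd1": [-76, -75, -77, -78], "sd2": [-61, -60, -62, -59],
            "agg": [-85, -87, -86, -84]},
}

if __name__ == "__main__":
    nmap = build_neighbor_map(SAMPLES)
    # Constructed readings reported by a mobile device that just crossed the geo-fence.
    heard = {"sd2": -61, "sd3": -75, "agg": -56, "sd4": -91}
    print("located near", locate(nmap, heard), "-> wake", wake_list(nmap, heard))
```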
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US15/791,499 US10892047B2 (en) | 2017-10-24 | 2017-10-24 | Crypto-based ACL for patient treatment and follow-up care |
Publications (2)
Publication Number | Publication Date |
---|---|
US20190121943A1 (en) | 2019-04-25 |
US10892047B2 (en) | 2021-01-12 |
Family
ID=66171058
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11069440B2 (en) * | 2018-01-31 | 2021-07-20 | Fast Pathway, Inc. | Application for measuring medical service provider wait time |
US11985133B1 (en) * | 2020-04-28 | 2024-05-14 | Equinix, Inc. | Gating access to destinations on a network |
CN111883220A (en) * | 2020-07-03 | 2020-11-03 | 合肥森亿智能科技有限公司 | Patient follow-up visit data collection method, system, terminal and data collection integrated system |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20130048720A1 (en) * | 2007-04-04 | 2013-02-28 | Pathfinders International, Llc | Virtual badge, device and method |
US20160350564A1 (en) * | 2015-05-27 | 2016-12-01 | Intelligent Locations, LLC | Power Saving Intelligent Locator |
US20170249435A1 (en) * | 2014-09-23 | 2017-08-31 | Airstrip Ip Holdings, Llc | Near-real-time transmission of serial patient data to third-party systems |
US20180253458A1 (en) * | 2017-03-03 | 2018-09-06 | Salesforce.Com, Inc. | Synergizing real-time and polling connectors for data ingestion |
US20180261307A1 (en) * | 2017-02-10 | 2018-09-13 | Spxtrm Health Inc. | Secure monitoring of private encounters |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| FEPP | Fee payment procedure | ENTITY STATUS SET TO UNDISCOUNTED (ORIGINAL EVENT CODE: BIG.); ENTITY STATUS OF PATENT OWNER: SMALL ENTITY |
| FEPP | Fee payment procedure | ENTITY STATUS SET TO SMALL (ORIGINAL EVENT CODE: SMAL); ENTITY STATUS OF PATENT OWNER: SMALL ENTITY |
| STPP | Information on status: patent application and granting procedure in general | DOCKETED NEW CASE - READY FOR EXAMINATION |
| STPP | Information on status: patent application and granting procedure in general | NON FINAL ACTION MAILED |
| STPP | Information on status: patent application and granting procedure in general | RESPONSE TO NON-FINAL OFFICE ACTION ENTERED AND FORWARDED TO EXAMINER |
| STPP | Information on status: patent application and granting procedure in general | FINAL REJECTION MAILED |
| STPP | Information on status: patent application and granting procedure in general | DOCKETED NEW CASE - READY FOR EXAMINATION |
| STPP | Information on status: patent application and granting procedure in general | PUBLICATIONS -- ISSUE FEE PAYMENT VERIFIED |
| STCF | Information on status: patent grant | PATENTED CASE |
| MAFP | Maintenance fee payment | PAYMENT OF MAINTENANCE FEE, 4TH YR, SMALL ENTITY (ORIGINAL EVENT CODE: M2551); ENTITY STATUS OF PATENT OWNER: SMALL ENTITY; Year of fee payment: 4 |